Thread: INFECTED FILE: LordPE download on the Collaborative RCE Tool library

  1. #16
    Condemned geezer
    Join Date
    Oct 2001
    Location
    Ankara, Turkey
    Posts
    138
    Quote Originally Posted by Woodmann View Post
    Did your bond case have Euros in it?
    No, Euro was not in circulation at that time. Green bills they were, all green.
    Last edited by wbe; July 7th, 2010 at 17:07. Reason: I've got the greens, better than the blues, eh?

  2. #17
    I gave up antiviruses a long time ago, with the enormous number of false positives and up until I built my new PC, they just slowed my computer WAY WAY down, so I decided to not use antivirus. It's been over a year since I put win7x64 on my computer, and 3 mobos, 2 processors, and 3 different video cards have been through it, and it still runs super fast, and I get no popups, no unusual .exe's, when my friends call me over all the time to fix their malware filled box...

    Maybe I have really good karma, or maybe I'm not dumb and don't download and run things from untrusted sources (file sharing sites? apple itunes? random toolbars for IE?).

    The only attacker who's managed to compromise my system is myself in my many quests to learn.

  3. #18
    or maybe I'm not dumb and don't download and run things from untrusted sources
    Sadly, the majority do such things.
    BUT, the saddest part is that those who visit here should know better,
    myself included. A VM is still the best choice for playing with fire.

    Because I am lazy, I use multiple scanners on everything I download.
    Even if it's from a trusted source. If I get infected after that, well, I deserved it.

    Woodmann
    Learn Or Die.

  4. #19
    <script>alert(0)</script> disavowed's Avatar
    Join Date
    Apr 2002
    Posts
    1,281
    Quote Originally Posted by shellc0de View Post
    I'm not dumb and don't download and run things from untrusted sources
    That's great, but what happens when a website you commonly visit gets hacked and starts hosting a page containing an exploit for a yet-unpatched browser vulnerability that an AV engine would have caught? This can (and does) happen, so it seems to me like it's worth sacrificing some CPU cycles for a better peace-of-mind.

    And yes, of course there may be exploits for yet-unpatched browser vulnerabilities that AV engines don't catch, but I'd rather catch some than none at all.

  5. #20
    If one of my favorite websites gets hacked and they root my box via a client side exploit, they are probably way too smart to put that annoying spyware and fake AV popups, so chances are they are just botting me or otherwise running a program that will be easy to detect with an unconventional firewall when it tries to phone home, and from there I can attach olly to it and remove it completely.

  6. #21
    Quote Originally Posted by disavowed View Post
    That's great, but what happens when a website you commonly visit gets hacked and starts hosting a page containing an exploit for a yet-unpatched browser vulnerability that an AV engine would have caught? This can (and does) happen
    Agreed.
    It happened on a forum I'm visiting from time to time, a user reported the forum as making his AV tilt while everyone else didn't notice anything (still the malicious shit was there), flash plugin exploit that sorta stuff.

    We weren't malware-oriented, but our hosting provider was unfortunately (and still is, afaik) far less concerned about security than us..
    Please consider donating to help Woodmann.com staying online (here is why).
    Any amount greatly appreciated. Thank you.

  7. #22
    Well then let me do this, boot up a virtual machine, and commence all my internet browsing within that, there now I am virtually virus proof.

  8. #23
    Then you should read some of the information available with this google search:

    malware escaping from virtual machine

    Regards,
    JMI

  9. #24
    <script>alert(0)</script> disavowed's Avatar
    Join Date
    Apr 2002
    Posts
    1,281
    Quote Originally Posted by shellc0de View Post
    Well then let me do this, boot up a virtual machine, and commence all my internet browsing within that, there now I am virtually virus proof.
    AV software consumes less CPU resources than a VM

  10. #25
    shellc0de> What JMI says should be taken as "nobody is virus proof", 'cause malware escaping virtual machines isn't that common (far less than `simple` virtualization detection anyway).

  11. #26
    Quote Originally Posted by Woodmann View Post
    I have a thumb drive with the usual tools for fixing dirty boxes
    and now Comodo is bitching about the winrar portable exe
    that's on the thumb drive.
    Hey woodmann, could you list what tools you are running from your thumbdrive. I would be interested to know.

  12. #27
    It does help when you do all your web browsing on a daily updated Linux distro running in VM and SVN browser code though. Can save yourself lots of trouble. I like to think that the number of open-source eyes going through code nightly 'cause it's their passion are way better than a few paid monkeys at MS.

    Maybe I'm just paranoid, though...


    Oh, yeah, and what Owl said - what are you running for a cleanup toolset, Woodmann?

  13. #28
    Howdy,

    Lemme plug it in and give you the list.

    Clamwin
    Combofix
    Rootkit Buster
    Root Repeal
    RU Botted
    Malwarebytes
    UBCD
    Comodo
    GMER

    And a Knoppix live CD.

    You can try Avira to get an infected MBR clean also.
    I don't bother because most of the time an infected MBR
    will keep rewriting so I just use UBCD and wipe it clean
    and start over again.

    I also run some of these tools at the same time so shit that is
    morphing gets caught before it rewrites again.

    I am always looking for new tools if anyone knows of any.

    Woodmann
    Learn Or Die.

  14. #29
    <script>alert(0)</script> disavowed's Avatar
    Join Date
    Apr 2002
    Posts
    1,281
    Quote Originally Posted by sabbato753 View Post
    I like to think that the number of open-source eyes going through code nightly cause it's their passion are way better than a few paid monkeys at MS.

    Maybe I'm just paranoid, though...
    I'm paranoid too, which is why I use Microsoft's software as opposed to most open source software. I have never seen any evidence at all (in the form of peer-reviewed studies, etc.) to show that open-source code is more secure than Microsoft's code. If you know of any such studies though, please feel free to provide links.

  15. #30
    Disa,

    The problem is maybe it's not closed source for everyone (law enforcement/governments like recently with Russia)... but that's another type of paranoia
